OWASP Joomla Vulnerability Scanner Limitations

Limitations on Current Release

The vulnerability database still lacks of unknown exploit checks. If the exploit check is not available, the scanner verify based on deduced version. If deduced version is not available, it then cannot verify the vulnerability